The publication originated as a result of the '1st Australia Germany 1.5 Track Cyber Security Dialogue' held in Canberra in June 2018 – it is not a direct summary of the proceedings but draws on and further develops some of the key themes that emerged during the Dialogue. This Dialogue, titled “Mapping the Field: The New Ecology of Cyber Security Challenges”, explored crucial aspects of contemporary cybersecurity issues: geopolitical implications of a shifting global order; international cyber norms; military cyber operations; and public-private partnerships. The attendees, German and Australian cyber security professionals, government representatives, academic experts and private sector representatives discussed current and emerging threats and opportunities in cyberspace to enhance multi-agency and partner coordination and cooperation.

Several distinct trends identified through the Dialogue are addressed in this paper:

•Attribution, deterrence and the problems associated with these concepts a shifting operating environment;

•The effect such trends have upon traditional methods of diplomacy, especially when the integrity and privacy of such engagements is no longer guaranteed;

•What defensive measures should look like. Are methods such as ‘hacking back’effective and/ or productive?; What are our responsibilities and accountabilities, as democratic societies in choosing such measures?

Australia and Germany share similar challenges and approaches in this field. Questions at the forefront of policy-making debate query how governments can keep up with technology industry innovation that often out paces, if not drives, military adaptation. How can deterrence and attribution be used effectively – from a national security perspective – against a backdrop of societies that seek to be increasingly anonymous and where privacy legislation, such as the GDPR (General Data Protection Regulation), has global implications for governments and the private sector alike? At the same time, the two countries’ cyber security strategies also differ on a number of aspects; in this way, to compare and contrast approaches can be fruitful for gaining a deeper understanding of the problem-set and what can be done about it. Ultimately, the analysis paper will demonstrate that in order to effectively manage and mitigate within a cyber ecosystem, a combination of political leverage, diplomacy, dialogue and deterrence is required in order to safeguard State sovereignty.

Contributions by some of the conference participants, who have provided permission to publish their statements (some of them attributed, some under Chatham House Rule), are also included.